Severity Rating: ImportantRevision Note: V1.1 (July 22, 2015): Bulletin revised to improve the Update FAQ section to help customers more easily identify the correct update to apply based on a currently installed version of SQL Server. This is an informational change only. Customers who have already successfully installed the update do not need to take any action.Summary: This security update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed to execute a virtual function from a wrong address, leading to a function call to uninitialized memory. To exploit this vulnerability an attacker would need permissions to create or modify a database.